Bash maintainer says he told Apple, provided patch days before bug went public.
Author: arstechnica.com
Security researcher reported brute force attacks were possible in March.
“Shellshock” bug in common GNU shell could be “worm-able,” used to launch kernel exploits.
Because attackers only get five tries, TouchID is strong enough… for now.